Karaage Settings

There are many settings in /etc/karaage3/settings.py that can be customized for local requirements.

Django settings

Any Django settings can be used, although it is recommended only to modify the settings described in this section.

HTTP_HOST

Default: FQDN hostname

FQDN host, used in default settings for ALLOWED_HOSTS, REGISTRATION_BASE_URL, and ADMIN_BASE_URL.

Not a Django setting, but listed here regardless.

DEBUG

Default: False

Never deploy a site into production with DEBUG turned on.

Did you catch that? NEVER deploy a site into production with DEBUG turned on.

One of the main features of debug mode is the display of detailed error pages. If your app raises an exception when DEBUG is True, Django will display a detailed traceback, including a lot of metadata about your environment, such as all the currently defined Django settings (from settings.py).

See DEBUG.

ALLOWED_HOSTS

Default: ['%(HOST)']

A list of strings representing the host/domain names that this Django site can serve. This is a security measure to prevent an attacker from poisoning caches and password reset emails with links to malicious hosts by submitting requests with a fake HTTP Host header, which is possible even under many seemingly-safe web server configurations.

%(HOST) will be substituted with the HTTP_HOST setting.

See ALLOWED_HOSTS.

ADMINS

Default: () (Empty tuple)

A tuple that lists people who get code error notifications. When DEBUG=False and a view raises an exception, Django will email these people with the full exception information. Each member of the tuple should be a tuple of (Full name, email address).

See ADMINS.

MANAGERS

Default: () (Empty tuple)

A tuple in the same format as ADMINS that specifies who should get broken link notifications when BrokenLinkEmailsMiddleware is enabled.

See MANAGERS.

DATABASES

Default: {} (Empty dictionary)

A tuple in the same format as ADMINS that specifies who should get broken link notifications when BrokenLinkEmailsMiddleware is enabled.

See DATABASES.

SERVER_EMAIL

Default: 'root@localhost'

The email address that error messages come from, such as those sent to ADMINS and MANAGERS.

See SERVER_EMAIL.

EMAIL_HOST

Default: 'localhost'

The host to use for sending email.

See EMAIL_HOST.

EMAIL_SUBJECT_PREFIX

Default: '[Django] '

Subject-line prefix for email messages sent with django.core.mail.mail_admins or django.core.mail.mail_managers. You’ll probably want to include the trailing space.

See EMAIL_SUBJECT_PREFIX.

TIME_ZONE

Default: 'America/Chicago'

A string representing the time zone for this installation, or None. See the list of time zones.

See TIME_ZONE.

LANGUAGE_CODE

Default: 'en-us'

A string representing the language code for this installation. This should be in standard language ID format. For example, U.S. English is "en-us". See also the list of language identifiers.

See LANGUAGE_CODE.

SECRET_KEY

Default: '' (Empty string)

A secret key for a particular Django installation. This is used to provide cryptographic signing, and should be set to a unique, unpredictable value.

See SECRET_KEY.

LOGGING

Default: A logging configuration dictionary.

A data structure containing configuration information. The contents of this data structure will be passed as the argument to the configuration method described in LOGGING_CONFIG.

See LOGGING.

Django Pipeline settings

Pipeline is an asset packaging library for Django, providing both CSS and JavaScript concatenation and compression, built-in JavaScript template support, and optional data-URI image and font embedding.

PIPELINE_CSS_COMPRESSOR

Default: 'pipeline.compressors.yui.YUICompressor'

Django pipeline setting.

Compressor class to be applied to CSS files.

If empty or None, CSS files won’t be compressed.

PIPELINE_JS_COMPRESSOR

Default: 'pipeline.compressors.yui.YUICompressor'

Django pipeline setting.

Compressor class to be applied to JS files.

If empty or None, JavaScript files won’t be compressed.

Karaage core settings

These are settings defined and used by Karaage core.

ACCOUNTS_EMAIL

Default: No default; must be set

Users are advised to contact this address if having problems. This is also used as the from address in outgoing emails.

ACCOUNTS_ORG_NAME

Default: No default; must be set

This organisation name, used in outgoing emails.

REGISTRATION_BASE_URL

Default: 'https://%(HOST)s/users'

Registration base URL - Used in email templates.

%(HOST) will be substituted with the HTTP_HOST setting.

ADMIN_BASE_URL

Default: 'https://%(HOST)s/kgadmin'

Admin base URL - Used in email templates.

%(HOST) will be substituted with the HTTP_HOST setting.

AUP_URL

Default: Django template karaage/common/aup-detail.html

Path to AUP policy. Note that setting this will not disable the Karaage default page, it might be better to replace the AUP with a file in the templates directory karaage/common/aup-detail.html if required.

ALLOW_REGISTRATIONS

Default: False

Plugin: kgapplications

Do we allow anonymous users to request accounts?

ALLOW_NEW_PROJECTS

Default: True

Plugin: kgapplications

Do we allow applications for new projects?

PLUGINS

Default: [] (Empty list)

A list of classes that define Karaage plugins. For more information on creating plugins from scratch, please see the Karaage programmers documentation.

DATASTORES

Default: [] (Empty list)

This is a list of dictionaries, that define the data stores.

An example:

DATASTORES = [
    {
        'DESCRIPTION': 'LDAP datastore',
        'ENGINE': 'karaage.datastores.ldap.DataStore',
        ...
     }
 ]

The settings for each datastore will vary depending on the value of ENGINE supplied. For more information, see Data Stores.

LDAP

Default: {} (Empty dictionary)

This setting defines LDAP settings for a connection to a LDAP server. It is only used if you have configured DATASTORES to use ldap.

An example:

LDAP = {
    'default': {
        'ENGINE': 'tldap.backend.fake_transactions',
        'URI': 'ldap://localhost',
        'USER': 'cn=admin,dc=example,dc=org',
        'PASSWORD': 'topsecret',
        'USE_TLS': False,
        'TLS_CA': None,
    }
}

USERNAME_VALIDATION_RE

Default: '[-\w]+'

Regular expression that defines a valid username for a person or an account.

Warning

Do not change unless you are sure you understand the potential security ramifications in doing so.

USERNAME_VALIDATION_ERROR_MSG

Default: 'Usernames can only contain letters, numbers and underscores'

Error message that is displayed to user if the username for a person or account doesn’t pass the USERNAME_VALIDATION_RE check.

PROJECT_VALIDATION_RE

Default: '[-\w]+'

Regular expression that defines a valid username for projects.

Warning

Do not change unless you are sure you understand the potential security ramifications in doing so.

PROJECT_VALIDATION_ERROR_MSG

Default: 'Project names can only contain letters, numbers and underscores'

Error message that is displayed to user if a name for a project doesn’t pass the PROJECT_VALIDATION_RE check.

GROUP_VALIDATION_RE

Default: '[-\w]+'

Regular expression that defines a valid name for a group.

Warning

Do not change unless you are sure you understand the potential security ramifications in doing so.

GROUP_VALIDATION_ERROR_MSG

Default: 'Group names can only contain letters, numbers and underscores'

Error message that is displayed to user if a name for a group doesn’t pass the GROUP_VALIDATION_RE check.

Karaage applications settings

Settings specific to the Karaage applications plugin.

EMAIL_MATCH_TYPE

default: 'exclude'

Settings to restrict the valid list of email addresses we allow in applications. EMAIL_MATCH_TYPE can be 'include' or 'exclude'. If 'include' then the email address must match one of the RE entries in EMAIL_MATCH_LIST. If 'exclude' then then email address must not match of the the RE entries in :setting:EMAIL_MATCH_LIST.

EMAIL_MATCH_LIST

Default: [] (Empty list)

Settings to restrict the valid list of email addresses we allow in applications. EMAIL_MATCH_TYPE can be 'include' or 'exclude'. If 'include' then the email address must match one of the RE entries in EMAIL_MATCH_LIST. If 'exclude' then then email address must not match of the the RE entries in :setting:EMAIL_MATCH_LIST.